Privacy Policy

Effective Date: March 13, 2026  |  Last Updated: March 13, 2026

1. Introduction

DatoBridge, Inc. ("DatoBridge," "we," "us," or "our") is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you visit our website at www.datobridge.com (the "Site"), use our platform, or otherwise interact with us.

By accessing or using the Site, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the practices described herein, please do not use the Site.

2. Information We Collect

2.1 Information You Provide Directly

  • Contact Information: Name, email address, phone number, and company name when you request a demo, contact sales, or submit a form.
  • Account Information: Business email, organization name, and role when you create an account on our platform.
  • Communications: Content of messages you send to us via email, forms, or other channels.

2.2 Information Collected Automatically

  • Device and Browser Information: IP address, browser type and version, operating system, device type, and screen resolution.
  • Usage Data: Pages visited, time spent on pages, referring URLs, click patterns, and navigation paths.
  • Cookies and Similar Technologies: We use cookies and similar tracking technologies as described in Section 7 below.

2.3 Information We Do Not Collect

DatoBridge operates on a zero PHI storage model. Our platform uses pass-through streaming architecture, meaning we do not store, retain, or have access to Protected Health Information (PHI) processed through our system. This Privacy Policy applies to personal information collected through our marketing website and business operations, not to healthcare data processed by our platform.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Service Delivery: To provide, maintain, and improve our platform and services.
  • Communications: To respond to your inquiries, send requested information, and provide customer support.
  • Marketing: To send you information about our products, services, and updates that may be of interest to you. You may opt out at any time.
  • Analytics: To understand how visitors use our Site and to improve our content, functionality, and user experience.
  • Security: To detect, prevent, and address fraud, unauthorized access, and other illegal activities.
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes.

4. Legal Bases for Processing

We process your personal information based on the following legal grounds:

  • Consent: Where you have given us explicit consent (e.g., subscribing to communications).
  • Contractual Necessity: Where processing is necessary to perform a contract with you or take steps at your request before entering a contract.
  • Legitimate Interests: Where processing is necessary for our legitimate business interests, such as improving our services, provided these interests do not override your rights.
  • Legal Obligation: Where processing is required by applicable law.

5. How We Share Your Information

We do not sell your personal information. We may share information in the following limited circumstances:

  • Service Providers: With trusted third-party vendors who assist us in operating our business (e.g., hosting, analytics, email delivery), subject to confidentiality obligations.
  • Legal Requirements: When required by law, subpoena, court order, or governmental regulation.
  • Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, in which case we will notify you of any change in ownership or use of your information.
  • With Your Consent: In any other circumstances where we have obtained your explicit consent.

6. Data Retention

We retain personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. When we no longer need your information, we will securely delete or anonymize it.

7. Cookies and Tracking Technologies

7.1 What Are Cookies

Cookies are small text files stored on your device when you visit a website. They help websites function properly, remember your preferences, and provide analytics data.

7.2 Types of Cookies We Use

  • Strictly Necessary Cookies: Essential for the Site to function (e.g., session management, security). These cannot be disabled.
  • Analytics Cookies: Help us understand how visitors interact with the Site by collecting usage data anonymously.
  • Functional Cookies: Remember your preferences and settings (e.g., cookie consent choice).

7.3 Managing Cookies

When you first visit our Site, a cookie consent banner will allow you to accept or decline non-essential cookies. You can also manage cookies through your browser settings. Note that disabling certain cookies may affect Site functionality.

8. Your Privacy Rights

8.1 General Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Right to Access: Request a copy of the personal information we hold about you.
  • Right to Correction: Request correction of inaccurate or incomplete information.
  • Right to Deletion: Request deletion of your personal information, subject to legal exceptions.
  • Right to Opt Out: Opt out of the sale or sharing of your personal information (we do not sell personal information).
  • Right to Non-Discrimination: Exercise your privacy rights without receiving discriminatory treatment.

8.2 California Residents (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) provides you with additional rights:

  • The right to know what personal information we collect, use, and disclose.
  • The right to request deletion of your personal information.
  • The right to opt out of the sale or sharing of personal information. DatoBridge does not sell personal information.
  • The right to correct inaccurate personal information.
  • The right to limit the use of sensitive personal information.

To exercise these rights, contact us at privacy@datobridge.com. We will respond to verified requests within 45 days.

8.3 Virginia Residents (VCDPA)

Virginia residents have the right to access, correct, delete, and obtain a copy of their personal data, as well as the right to opt out of targeted advertising and profiling. To exercise these rights, contact us at privacy@datobridge.com.

8.4 Colorado Residents (CPA)

Colorado residents may exercise rights to access, correct, delete, and port their personal data, and to opt out of targeted advertising, sale of personal data, or profiling. Contact us at privacy@datobridge.com to submit a request.

8.5 Connecticut Residents (CTDPA)

Connecticut residents have similar rights to access, correct, delete, and obtain a copy of their personal data, as well as opt-out rights for targeted advertising and the sale of personal data.

8.6 Other State Privacy Laws

Residents of Utah, Texas, Oregon, Montana, Iowa, Indiana, Tennessee, and other states with consumer privacy legislation may have additional rights under their respective state laws. We are committed to honoring verifiable privacy requests from all US residents. Contact privacy@datobridge.com with any requests.

9. Data Security

We implement industry-standard security measures to protect your personal information, including:

  • AES-256-GCM encryption for data at rest and in transit.
  • SOC 2 Type II-compliant operational controls.
  • Regular security assessments and vulnerability testing.
  • Access controls and employee security training.

While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

10. HIPAA Compliance

DatoBridge operates as a HIPAA-compliant platform. Our zero PHI storage architecture means Protected Health Information passes through our system via encrypted streaming and is never stored on our infrastructure. For healthcare data processed by our platform, we enter into Business Associate Agreements (BAAs) with covered entities as required by HIPAA.

11. Children's Privacy

Our Site and services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child under 18, we will take steps to delete it promptly. If you believe a child has provided us with personal information, please contact us at privacy@datobridge.com.

12. Third-Party Links

Our Site may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to review the privacy policies of any external sites you visit.

13. Do Not Track Signals

Some browsers transmit "Do Not Track" (DNT) signals. We honor DNT signals and do not track users who have enabled this feature in their browser settings.

14. International Users

Our Site and services are operated from the United States. If you access our Site from outside the United States, your information may be transferred to and processed in the United States. By using the Site, you consent to such transfer and processing.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will post the updated policy on this page with a revised "Last Updated" date. We encourage you to review this page periodically. Material changes will be communicated via a notice on the Site.

16. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, or wish to exercise any of your privacy rights, please contact us: